Apple iOS iBoot Secure Bootloader Code Leaked Online

Lawyers for Apple called for the source code to be removed from GitHub.

Apple has taken legal action to remove from GitHub its source code for iBoot after the boot ROM chip code showed up there this week, Naked Security reports.

iBoot, which is enabled when an iOS device is powered on and prior to the OS kernel load, ensures the integrity of the iOS device software.

Lawyers for Apple issued a takedown order under the Digital Millennium Copyright Act (DMCA), and the DCMA notice now replaces the code dump on GitHub. It's unclear how or why the source code was uploaded online.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2. The affected versions lack proper FIT signature enforcement, which allows an attacker to bypass U-Boot's verified boot and execute an unsigned kernel, embedded in a legacy i...